- EPSS 2.3%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...
- EPSS 3.86%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...
- EPSS 3.41%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:17
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2004-0827
- EPSS 5.51%
- Veröffentlicht 16.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:28
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3)...
CVE-2001-0169
- EPSS 0.86%
- Veröffentlicht 26.03.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:48
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library fro...
- EPSS 15.35%
- Veröffentlicht 14.11.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:35
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2000-0438
- EPSS 1.08%
- Veröffentlicht 22.05.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:44
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
CVE-2000-0336
- EPSS 0.9%
- Veröffentlicht 21.04.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:30
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
CVE-2000-0172
- EPSS 0.82%
- Veröffentlicht 03.03.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:09
The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.
CVE-2000-0186
- EPSS 0.42%
- Veröffentlicht 28.02.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:10
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.